<?php
include 'lib/controllerWithoutGetOrPost.php';
include 'lib/LoggedIn.php';
$loggedIn = new LoggedIn();
$loggedIn->setPermission = "Admin Area";
if(!$loggedIn->check()) {
    echo $loggedIn->message();
} else {

include("header2.php");

function convertDateTime($value) {

$blah = substr($value, 6, 4);     // bcdef
$blah =  $blah."-".substr($value, 3, 2);
$blah = $blah."-".substr($value, 0, 2);
  
return $blah;


}

$query = "select 	Publication.ID, 
	Publication.Name AS 'PubName', 
	Notification.Name AS 'NotName',
	Publication.DatePublished, 
	Country.Name As 'CountryName',
	Publication.AddedOn 
from Publication 
left join Notification on Publication.NotificationID = Notification.ID 
left join Country on Country.ID = Publication.CountryID";
$where = "WHERE (Publication.Name Like '%".mysql_real_escape_string($_GET['name'])."%'";
if(!empty($_GET['from']) && !empty($_GET['to'])) {
$where .= " AND Publication.DatePublished Between '".mysql_real_escape_string(convertDateTime($_GET['from']))."' AND '".mysql_real_escape_string(convertDateTime($_GET['to']))."'";
}
$where .= ") ORDER BY Publication.DatePublished DESC, Publication.AddedOn DESC";
if(!isset($_GET['from']) && !isset($_GET['to'])) {
	$where .= " LIMIT 0,1000";
}
$query .= ' '.$where;

//echo $query;

// Perform Query
$result = mysql_query($query, $link);

// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
    $message  = 'Invalid query: ' . mysql_error() . "\n";
    $message .= 'Whole query: ' . $query;
    die($message);
}

echo "<form action=\"publicationsearch.php\" method=\"GET\">
Publication Name (contains): 
<input type=\"text\" name=\"name\"> From (dd/mm/yyyy):
<input type=\"text\" name=\"from\"> To (dd/mm/yyyy):
<input type=\"text\" name=\"to\">
<input type=\"submit\" value=\"Submit\">
</form>";

$class1 = "odd";
$class2 = "even";
$class = $class1;

echo "<table><tr><th>ID</th><th>Publication Name</th><th>Notice Type</th><th>Date Published</th><th>Country Name</th><th>Modified/Created On</th></tr>\n";
while ($row = mysql_fetch_assoc($result)) {
	echo "<tr class=\"$class\"><td><a href=\"publicationperson.php?publication=".$row['ID']."\">".$row['ID']."</a></td>\n";
	echo "<td>".str_replace("&", "&amp;", $row['PubName'])."</td>";
echo "<td>".str_replace("&", "&amp;", $row['NotName'])."</td>";
echo "<td>".str_replace("&", "&amp;", $row['DatePublished'])."</td>";
echo "<td>".str_replace("&", "&amp;", $row['CountryName'])."</td>";
echo "<td>".str_replace("&", "&amp;", $row['AddedOn'])."</td></tr>";

if($class == $class1) {
	$class = $class2;
} else if ($class == $class2) {
	$class = $class1;
}

}
echo "</table></body></html>";


// Free the resources associated with the result set
// This is done automatically at the end of the script
mysql_free_result($result);
mysql_close($link);

}
?>
